![]() Security measures are deployed to defend against a certain threat landscape. It is a happy irony that even though few use the Security Manager, the proposal to remove it has made people consider Java’s security, and the increased attention will hopefully make it easier to understand our current security focus, which relies, at least in part, on the module system. In this post I’d like to go over some of the Security Manager’s use cases and present superior alternatives. ![]() The Security Manager should be removed because the high cost of maintaining it is no longer justified by its benefits, which have dropped drastically over time as the deployment and threat environment changed. Last week, JEP 411 proposed deprecating Java’s Security Manager for eventual removal through a process of gradual functional degradation. Disclaimer: This post represents the author’s views only ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |